Re: Is there any future for smartcards?
-- James A. Donald: > > Typical worm installation [on a smartphone] goes > > like this: > > > > : : Receive message via bluetooth from > > : : unnamed device? Y/N > > : : > > : : Installation Security warning: Unable to > > : : verify supplier. Continue anyway? Y/N Eugen Leitl > It's just a networked computer that happens to look > like a mobile phone. Not particularly > security-oriented. > > It also doesn't matter what current malware does on > the current platform. FWIW, it's still in primitive > shenanigan stage. It's a question what future malware > on future mobile platforms will do. It's a machine for > young social primates. Not suitable for a payment > system, unless equipped with dedicated, hardened > cryptographic compartment with dedicated display and > PIN/biometrics. Symbian is a lot stronger than Windows or Linux, and we have been implementing payment systems on Windows/Linux. > > Seems to me that the phone designers have done a > > better job with virus, worm, and malware resistance > > than Microsoft or Linux. Teenagers are pretty > > sophisticated. Eugen Leitl > Are we talking even about the same species? About the > same teenagers which already own malware-infested PCs, The teenagers I know almost never get viruses on their PCs. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG DXwKq4X3cR5cK33Zn8ZiDp4R1IP/lF87Fcjzyv1I 4POwLeIKZIKuer/s9+86+OZciIIS8Ad7eyLsmd/h5 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
Dave Howe wrote: > TBH I don't think the smartcard approach will work - really, everything > needed > to verify what you are signing or encrypting needs to be within your secure > boundary, so the only sensible approach is for a mobile-sized cryptographic > device to be autonomous, but accept *dumb* storage cards for reading and > writing; that dumb card can then be used to transfer a unsigned document to > the > cryptographic device, which when inserted uses a relay or switch to assume > control of the keyboard and screen; person wishing a digital signature stores > the document to be signed onto the card; signer inserts into his device, uses > the device's display to assure himself this is really what he wants to sign > and > then keys his access code. The device then produces a digital signature > certificate (possibly deliberately adding some harmless salt value to the end > before signing, which is noted in the detached certificate's details) and > copies > that to the dumb card, retaining a copy for the user's own records. > by using a switch controlled by the cryptographic module, the display can be > then used by an alternate system when not in use - for example, a mobile > phone - > while providing an airgap between the secure module and the insecure (and yes, > this would mean if you received a contract via email, you would have to write > it > to a card, remove that card from a slot, insert it into a different slot, then > check it. I can't see how the system can be expected to work otherwise) part of the issue may involve semantic confusing digital signature and human signature (possibly because they both contain the word signature) from 3-factor authentication paradigm * something you have * something you know * something you are ... fundamentally a digital signature verification by public key is basically a form of "something you have" authentication (aka the private key contained uniquely in a hardware token). so, from a parameterized risk management and threat model standpoint ... the issue is how many ways ... and how probable is the compromise of the physical object ... such that the digital signature doesn't originate from a specific hardware token in the possesion of a specific person. the other stuff ... say related to issues attempting to be address by some of the finread characteristics http://www.garlic.com/~lynn/subpubkey.html#finread where a digital signature may be used in conjunction with other efforts and technology to imply a human signature ... which in turn implies that the person had read, understood, approves, authorizes, and/or agrees with what is being signed. this goes far beyond the straight-forward "something you have" authentication that is implied by the verification of a digital signature with a public key. it also potentially opens up the dual-use attack ... where the same technology is used for the original straight-forward authentication purpose ... and as part of some sort of infrastructure implying read, understood, approves, authorizes, and/or agrees. the pki digital certificate work somewhat originally strayed into this confusing the term *digital signature* and *human signature* (possibly because they both contain the word *signature*) ... with the original definition of the *non-repudiation* bit in a digital signature. The scenario went that if the relying party could find and produce a digital certificate w/o the "non-repudiation" bit set, then the relying party could claim that a digital signature applied to some bits were purely for authentication purposes. However, if the relying party could find and produce a digital certificate (for the public key) with the "non-repudiation" bit set, then the relying party claimed that was sufficient proof that the person had read, understood, agrees, authorizes, and/or approves the bits that had the digital signature (in part, because there is nothing in normal PKI standards that provides proof as to what, if any, digital certificate happened to be attached to any particular digital signature). Then came the realization that it was quite absurd that because a certification authority had included the non-repudiation bit in some digital certificate at some point way in the past ... that the setting of that bit had absolute and total control of whether a person had read, understood, agrees, authorizes, and/or approves some pattern of bits for every digital signature that might be created in the future. The absurdity of such an assertion was since lead to the non-repudiation bit being depreciated. in any case, the morphing of any digital signature for "something you have" authentication into anything that could imply human signature goes well beyond the secure boundary issues. some past posts on dual-use attack http://www.garlic.com/~lynn/aadsm17.htm#57 dual-use digital signature vulnerability http://www.garlic.com/~lynn/aadsm17.htm#59 dual-use digital signature vulnerability http://www.garlic.
Re: Is there any future for smartcards?
On Mon, Sep 12, 2005 at 09:52:27AM -0700, James A. Donald wrote: > Typical worm installation goes like this: > > : : Receive message via bluetooth from unnamed > : : device? Y/N > : : > : : Installation Security warning: Unable to > : : verify supplier. Continue anyway? Y/N It's just a networked computer that happens to look like a mobile phone. Not particularly security-oriented. It also doesn't matter what current malware does on the current platform. FWIW, it's still in primitive shenanigan stage. It's a question what future malware on future mobile platforms will do. It's a machine for young social primates. Not suitable for a payment system, unless equipped with dedicated, hardened cryptographic compartment with dedicated display and PIN/biometrics. http://www.f-secure.com/weblog/archives/archive-052005.html Yesterday we received information on Commwarrior.B sightings on two new countries: Greece and South Africa. So it seems that the rate in which Commwarrior is spotted is quite a lot faster than with Cabir. But then again, high discovery rate might be result of increased public awareness. Also as Commwarrior is in the wild here in Finland, we have had an opportunity to follow how the worm spreads and interviewed people who have been infected with it. And it seems that we have found at least partial answer to the question why people install Symbian worms on their phones. The most common reason why people have installed Commwarrior from MMS message is the trust that they have on the sender. People are wary of messages that they receive from unknown sources, but quite willing to install whatever has been sent from a friends mobile. This is a phenomenon that we have also seen with E-Mail worms, people just are unwilling to mistrust something coming from a friend. Current count of countries with Commwarrior sightings: 1.Ireland 2.India 3.Oman 4.Italy 5.Philippines 6.Finland 7.Greece 8.South Africa > Seems to me that the phone designers have done a better > job with virus, worm, and malware resistance than > Microsoft or Linux. Teenagers are pretty sophisticated. Are we talking even about the same species? About the same teenagers which already own malware-infested PCs, and swap whatever ringtones, logos and games en vogue with their FOAFs? -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: Is there any future for smartcards?
Eugen Leitl wrote: > On Sun, Sep 11, 2005 at 06:49:58PM -0400, Scott Guthery wrote: >>1) GSM/3G handsets are networked card readers that are pretty >>successful. They are I'd wager about as secure as an ATM or a POS, >>particularly with respect to social attacks. > The smartphones not secure at all, because anything you enter > on the keypad and see on the display can be compromised, so > the tamper-proof cryptographic goodness locked inside the SIM > smartcard will cheerfully approve whatever the code running > on the smartphone will tell it to approve, regardless of > what is being displayed to the user. TBH I don't think the smartcard approach will work - really, everything needed to verify what you are signing or encrypting needs to be within your secure boundary, so the only sensible approach is for a mobile-sized cryptographic device to be autonomous, but accept *dumb* storage cards for reading and writing; that dumb card can then be used to transfer a unsigned document to the cryptographic device, which when inserted uses a relay or switch to assume control of the keyboard and screen; person wishing a digital signature stores the document to be signed onto the card; signer inserts into his device, uses the device's display to assure himself this is really what he wants to sign and then keys his access code. The device then produces a digital signature certificate (possibly deliberately adding some harmless salt value to the end before signing, which is noted in the detached certificate's details) and copies that to the dumb card, retaining a copy for the user's own records. by using a switch controlled by the cryptographic module, the display can be then used by an alternate system when not in use - for example, a mobile phone - while providing an airgap between the secure module and the insecure (and yes, this would mean if you received a contract via email, you would have to write it to a card, remove that card from a slot, insert it into a different slot, then check it. I can't see how the system can be expected to work otherwise) - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
-- From: Eugen Leitl <[EMAIL PROTECTED]> > Virtually all new phones sold are smartphones, and for > every platform there are documented vulnerabilities, > exploits, and malware already in the wild. Increased > use of mobile phones as means of payment are a strong > motivation for malware writers. Most of smartphone > users are security-naive teenagers. This indicates > that we'll be getting all [the] problems with desktop > machines, and more, shortly. Typical worm installation goes like this: : : Receive message via bluetooth from unnamed : : device? Y/N : : : : Installation Security warning: Unable to : : verify supplier. Continue anyway? Y/N Seems to me that the phone designers have done a better job with virus, worm, and malware resistance than Microsoft or Linux. Teenagers are pretty sophisticated. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 8tInGahoKXdu0MdklSeXa9rSSqUD0w9pt1CUvwWm 4NF0OIlPIvHlyV2QEiTSJuO9yYMSLePsNYsvGjreG - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
On Mon, 12 Sep 2005, Jaap-Henk Hoepman wrote: > I believe smartcards (and trusted computing platforms too, btw) aim to solve > the following problem: > > "How to enforce your own security policy in a hostile environment, not >under your own physical control?" > > Examples: > - Smartcard: electronic purse: you cannot increase the amount on > your e-purse (unless reloading at the bank). > - Trusted computing: DRM: my content cannot be illegally copied on > your machine. > > As soon as the environment is under your won physical control, software only > solutions suffice. Well, SC is just a processor which runs some software. Unfortunately, in our non-perfect world a person can physically control his own computer which is (logically) 0wned by somebody else :-) Of course, a smart card inserted into compromised card accepting device can be (mis)used by the 0wner as well, but at least the owner can be sure that once she removes the card no new transaction can be authenticated. BTW, there is also `something-you-have' authentication use-case. -- Regards, ASK - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
On Sun, Sep 11, 2005 at 07:32:45PM +0200, Eugen Leitl wrote: > On Sun, Sep 11, 2005 at 10:53:34PM +1200, Peter Gutmann wrote: >=20 > > The problem with this is that in 99.99% of cases the insecure networked > > machine *is* the reader, rendering the smart card pretty much pointless= . I've >=20 > USB smarcard readers with displays are not expensive, especially > if purchased in quantities. A financial institution would probably > recover the costs quite rapidly, if it gave away smartcards and=20 > such readers for free to its customers, given the amount of fraud. A company I worked at developed a secure smart card reader/keyboard in 1997/98 . It had a display and enough crypto capabilities that it could do the cardholder side of SET. It would get the PIN or fingerprint from the user, use that to unlock the card, then verify the merchant's signature on the payment request it got from the PC and display that to the user and get acknowledgement before having the smart card sign the payment message and handing that back to the PC to send to the merchant. I spent a lot of time meeting with bankers and going to standards comittees. The credit card industry basically said "Very nice. It's secure. But who is going to pay for it?" The added security wasn't worth the added cost (~$20 BOM cost) to the card card issuers. The fact that it did SET and SET didn't go anywhere didn't help, but after shoving SET on there, we could have put anything on (and did do EMV). But no credit card issuer bought the concept. They all said that if we could get them deployed, they'd like to be able to use them. The problem in the case of credit card issuers is that they aren't the ones who bear the cost of card fraud-- the merchants generally bear the cost of the goods stolen. They just figure that as part of the overhead. Amex did at one point give out SET smart cards and dumb card readers using code written by a competitor of ours. The SET code didn't actually work, and even if it had, there were no merchants using it. The Amex card was a cool partially transluctent card with the smart card 'bug' highlighted, so it impressed clerks at Frys. But that was all it was good for. Eric - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
Jaap-Henk Hoepman wrote: > I believe smartcards (and trusted computing platforms too, btw) aim to solve > the following problem: > > "How to enforce your own security policy in a hostile environment, not >under your own physical control?" > > Examples: > - Smartcard: electronic purse: you cannot increase the amount on > your e-purse (unless reloading at the bank). > - Trusted computing: DRM: my content cannot be illegally copied on > your machine. > > As soon as the environment is under your won physical control, software only > solutions suffice. a couple years ago ... i was on an assurance panel in the tcp/tpm track at idf. during my 5 minutes ... http://www.garlic.com/~lynn/aadsm5.htm#asrn1 i happened to comment that over the previous couple years that tpm had gotten simpler and started to look more and more like aads http://www.garlic.com/~lynn/index.html#aads one of the tpm people was in the front row ... and replied that i didn't have a couple hundred people on a committee helping me design a chip. I even claimed that the original aads chip design could meet the then tpm requirements with no changes. some side drift into finread http://www.garlic.com/~lynn/subpubkey.html#finread a minor anecdote htt://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking one of the things considered in the x9.59 financial standard http://www.garlic.com/~lynn/index.html#x959 was the provisions of have two digital signatures on a transaction ... one authenticating the originator and one from the signing environment. two issues with respect to the finread standard has been 1) secure pin-pad and secure entry of pin entry and 2) is what you are signing what you see. finread provides for a hardened external device that attempts to address both of these issues. the issue from a financial institution authenticating and authorizing the transaction for risk management ... is how does the financial institution (or other relying party) really know that a finread terminal was used for a particular transaction (as opposed to any other kind of terminal). the finread standard specifies the operational characteristics/objectives of the terminal/reader ... but doesn't actually provide assurance to the financial institution (or other relying party) that a certified finread terminal was used for the actual signing environment. this is sort of out of risk adjusted capital from basel http://www.bis.org/publ/bcbsca.htm all the possible risks are evaulated for an institution ... and capital assets are put aside proportional to the evaluated risks. approved transactions that have been signed by both the account owner and a certified finread terminal should have lower possible risk than transactions simply signed by the account holder (more unknowns and possible vulnerabilities) in financial transactions there typically are (at least) two interested parties ... the individual as the account owner ... and the financial institution as the relying party & potentially having significant liability with respect to fraudulent transactions. software may surfice when things are under your own phsyical control AND nobody else has exposed risk related to operations performed in that environment under. however, when there are other parties at risk, they may ask for a higher level of assurance than simply a statement from the individual that there have been no compromises. some collected postings on assurance http://www.garlic.com/~lynn/subpubkey.html#assurance and fraud http://www.garlic.com/~lynn/subpubkey.html#fraud - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
On Sun, Sep 11, 2005 at 06:49:58PM -0400, Scott Guthery wrote: > 1) GSM/3G handsets are networked card readers that are pretty > successful. They are I'd wager about as secure as an ATM or a POS, > particularly with respect to social attacks. The smartphones not secure at all, because anything you enter on the keypad and see on the display can be compromised, so the tamper-proof cryptographic goodness locked inside the SIM smartcard will cheerfully approve whatever the code running on the smartphone will tell it to approve, regardless of what is being displayed to the user. Virtually all new phones sold are smartphones, and for every platform there are documented vulnerabilities, exploits, and malware already in the wild. Increased use of mobile phones as means of payment are a strong motivation for malware writers. Most of smartphone users are security-naive teenagers. This indicates that we'll be getting all problems with desktop machines, and more, shortly. > 2) ISO is currently writing a standard for a secure home card reader. > The starting point is FINREAD. See JTC1/SC17/SG4/TF10. I own a secure home card reader (which happens on run on Windows, Linux and OS X, with open source drivers -- my model has a keyboard but no display, but other models from the same manufacturer do). Standars are good. I'm all for standars, as long as they describe what eventually will be a real world product. Unless financial institutions will be required by law to issue secure smartcards and smartcard readers, or suffer extreme losses through fraud they won't introduce these secure readers and smartcards. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: Is there any future for smartcards?
I believe smartcards (and trusted computing platforms too, btw) aim to solve the following problem: "How to enforce your own security policy in a hostile environment, not under your own physical control?" Examples: - Smartcard: electronic purse: you cannot increase the amount on your e-purse (unless reloading at the bank). - Trusted computing: DRM: my content cannot be illegally copied on your machine. As soon as the environment is under your won physical control, software only solutions suffice. Regards, Jaap-Henk On Wed, 07 Sep 2005 18:08:25 -0400 Pat Farrell <[EMAIL PROTECTED]> writes: > Is there a real problem that they uniquely solve, sufficient > to drive the building of the needed infrastructure? > I don't see it, and I'd love to be made smarter. > > -- > Pat Farrell > http://www.pfarrell.com -- Jaap-Henk Hoepman | I've got sunshine in my pockets Dept. of Computer Science | Brought it back to spray the day Radboud University Nijmegen |Gry "Rocket" (w) www.cs.ru.nl/~jhh | (m) [EMAIL PROTECTED] (t) +31 24 36 52710/53132 | (f) +31 24 3653137 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
RE: Is there any future for smartcards?
1) GSM/3G handsets are networked card readers that are pretty successful. They are I'd wager about as secure as an ATM or a POS, particularly with respect to social attacks. 2) ISO is currently writing a standard for a secure home card reader. The starting point is FINREAD. See JTC1/SC17/SG4/TF10. Cheers, Scott - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
On Sun, Sep 11, 2005 at 10:53:34PM +1200, Peter Gutmann wrote: > The problem with this is that in 99.99% of cases the insecure networked > machine *is* the reader, rendering the smart card pretty much pointless. I've Pat Farrel spoke about the infrastructure required for smartcards to have at all a point. Inexpensive USB readers with integrated keypad (and LCD display) exist, and are a basic component of such smartcard infrastructure. Unless it's pure snakeoil, by design. > only ever seen a handful of card readers that have keypads and displays, and > none that have succeeded commercially. Everyone just gets the cheap reader- > only devices. USB smarcard readers with displays are not expensive, especially if purchased in quantities. A financial institution would probably recover the costs quite rapidly, if it gave away smartcards and such readers for free to its customers, given the amount of fraud. It is symptomatic that this is not happening, and that e.g. HBCI support hereabouts is very thin. HBCI+smartcard, especially on a non-Redmond system, is nearly impossible to set up. Zero support. (Support in fact discourages use of smartcard). Default for local online banking is PIN/TAN (TANs distributed on dead tree). -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Re: Is there any future for smartcards?
Eugen Leitl <[EMAIL PROTECTED]> writes: >On Wed, Sep 07, 2005 at 06:08:25PM -0400, Pat Farrell wrote: >> Something tells me that soon is not gonna happen in what I would >> call soon. Smartcards (the smart part) were moderately interesting >> when there was no networking. We've been at ubiquitous networking >> for many years. > >We also have ubiquitous networking of systems which are vulnerable and >frequently compromised. Smartcard + reader is a hardened cryptographic >compartment where you can still trust what you see on the reader display, and >that nobody can sniff what is entered on the keypad. > >Such a system can be safely connected to an insecure, networked machine. The problem with this is that in 99.99% of cases the insecure networked machine *is* the reader, rendering the smart card pretty much pointless. I've only ever seen a handful of card readers that have keypads and displays, and none that have succeeded commercially. Everyone just gets the cheap reader- only devices. Peter. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
Pat Farrell <[EMAIL PROTECTED]> writes:
>Is there a real problem that they uniquely solve, sufficient to drive the
>building of the needed infrastructure? I don't see it, and I'd love to be
>made smarter.
Smart cards were cool in the 1970s because back then it was almost science-
fiction technology - imagine a standard plastic card with a built-in computer!
So the initial effort wasn't "What can we do with them" but "Can we even
create them". Then once they were created, it became "OK, now we've got them
what do we do with them?".
There were some things that they're inherently very good for (stored-value
micropayments, phone cards, fare payment, photocopying, that sort of thing)
and as portable embedded CPUs (SIM cards), and a whole pile of other solution-
in-search-of-a-problem things that they're awful at.
The main downside in expanding out of the basic stored-value micropayments
field is that the thing that made the cards so cool in 1975 - the fact that
they're in the same form-factor as a credit card - makes them almost useless
for any other application. No onboard clock, no onboard power, no display, no
keypad, no network connectivity, and no ability to ever add any of them
because of the form factor limits, that's a serious killer for usability and
functionality.
Much like Java rings ("Look what I've got, a Java processor in a ring! Isn't
it cool!" - "So what's it good for?" - "No, you don't understand, it's a Java
processor in a ring!"), the thing that made them take off in the first place
is also what's locking them into a particular niche market.
Peter.
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
Pat Farrell wrote: > Nearly ten years ago, when I was at Cybercash, we worked with Mondex and > other smartcard vendors who also said "as soon as we have infrastructure" > > Something tells me that soon is not gonna happen in what I would > call soon. Smartcards (the smart part) were moderately interesting > when there was no networking. We've been at ubiquitous networking > for many years. > > While he was at Cybercash, Ellison was awarded US Patent 6,073,237 > "Tamper resistant method and apparatus" which is precisely > a network based, software only smartcard. my characterizations of smartcards from the 80s ... was that they were targeted at the portable computing market segment. however, the technology was only sufficient for the chip ... and there wasn't corresponding portable technology for input and output. as a result you saw things like the work in ISO for standardizing interface to the chip ... so the chipcard could be carried around and interop with fixed input/output stations. in the early 80s, you saw the advent of PDAs and cellphones with portable input/output technology that sort of took over that market. which would you prefer a portable computing device with lots of application and data where you had to go find a fixed input/output station to utilize the device or a similar portable computing device where the input/output was integrated? in the 90s, anne & I were asked to spec, design, & cost the infrastructure for a mondex roll-out in the US ... aka it wasn't the mondex card per-se ... it was all the rest of the infrastructure and dataprocessing required to support a mondex infrastructure (from the mondex international superbrick on down to loading/unloading value on the chip). one of the financial issues with mondex was that most of the float & value was at mondex international with the superbrick; in fact later on you saw mondex international making inducements to various countries where they offered to split the float. this was about the time several of the EU central banks made the statement that the current genre of stored-value smartcards would be given a couple year grace period allowing them to establish an infrastructure ... but after that they would be required to pay interest on unspent value in the card (would have pretty much eliminated the float value at higher levels in the operational stream). that was coupled with the fact that it had a fundamental offline design point ... i.e. the value was held in the chip ... and could be moved between chips w/o having to go online ... becomes something of an anachronism if you have ubiquitous online access (as you've observed). mondex also sponsored a ietf working group looking at possibly application of mondex transactions in the internet environment. that really represented a difficult undertaking being a shared-secret based infrastructure. the working group somewhat morphed and eventually turned out ECML and some other stuff ... some recent RFCs .. XML Voucher: Generic Voucher Language http://www.garlic.com/~lynn/rfcidx13.htm#4153 Voucher Trading System Application Programming Interface (VTS-API) http://www.garlic.com/~lynn/rfcidx13.htm#4154 which evolved out of the work on ECML (electronic commerce markup language), which in turned started out with working group somewhat looking at adapting Mondex to Internet transactions. Electronic Commerce Modeling Language (ECML) Version 2 Specification http://www.garlic.com/~lynn/rfcidx13.htm#4112 some of that chipcard technology can be applied to an electronic "something you have" authentication technology ... where it is difficult to compromise and/or counterfeit a valid chip. this raises something of a perception issue ... if you stick with the protable computing device model ... then the chipcard has a bunch of capability that is redundant and/or superfluous for somebody with a cellphone/pda. If you go with purely the (hard to compromise and counterfeit) "something you have" authentication model in an online world ... then KISS (or Occam's Razor) would imply that most of the features associated with the earlier smartcard model are redundant and superfluous (and might actually pose unnecessary complexity and points of attack/compromise for something that is purely targeted as "something you have" authentication). a couple recent postings somewhat related to threat models and authentication vulnerabilities. http://www.garlic.com/~lynn/2005p.html#25 Hi-tech no panacea for ID theft whoes http://www.garlic.com/~lynn/2005p.html#26 Hi-tech no panacea for ID theft woes - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Is there any future for smartcards?
On Wed, Sep 07, 2005 at 06:08:25PM -0400, Pat Farrell wrote: > Something tells me that soon is not gonna happen in what I would > call soon. Smartcards (the smart part) were moderately interesting > when there was no networking. We've been at ubiquitous networking > for many years. We also have ubiquitous networking of systems which are vulnerable and frequently compromised. Smartcard + reader is a hardened cryptographic compartment where you can still trust what you see on the reader display, and that nobody can sniff what is entered on the keypad. Such a system can be safely connected to an insecure, networked machine. > Is there a real problem that they uniquely solve, sufficient > to drive the building of the needed infrastructure? > I don't see it, and I'd love to be made smarter. -- Eugen* Leitl http://leitl.org";>leitl __ ICBM: 48.07100, 11.36820http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE signature.asc Description: Digital signature
Is there any future for smartcards?
This is a tiny bit off pure crypto, but I've been watching and working around smartcards for 20 years, and I think they've been around longer, maybe even a decade longer. I'm posting this to Perry's list, rather than cross posting, mostly because I hate crossposting On Wed, 2005-09-07 at 16:34 -0500, Alaric Dailey wrote: > Agreed, but until we have the infrastructure to handle smartcards as > credit cards, then it is at least SOME verification the the person using > the card is the person who is supposed to be using the card. Nearly ten years ago, when I was at Cybercash, we worked with Mondex and other smartcard vendors who also said "as soon as we have infrastructure" Something tells me that soon is not gonna happen in what I would call soon. Smartcards (the smart part) were moderately interesting when there was no networking. We've been at ubiquitous networking for many years. While he was at Cybercash, Ellison was awarded US Patent 6,073,237 "Tamper resistant method and apparatus" which is precisely a network based, software only smartcard. >From what I can see, Smartcards are a technology looking for a practical problem to solve.' Is there a real problem that they uniquely solve, sufficient to drive the building of the needed infrastructure? I don't see it, and I'd love to be made smarter. -- Pat Farrell http://www.pfarrell.com - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
